<?php
/**
 * Created by PhpStorm.
 * User: CS
 * Date: 2018/11/11
 * Time: 21:01
 */
//引入连库文件
require './conn.php';
//包含邮件函数发送邮件
require 'maile.php';

//判断是登录还是注册
if($_GET['type'] == 'login'){//登录
    //接收数据
    $user = $_POST['username'];
    $pwd = md5($_POST['pwd']);
    //连库查询
    $sql = "SELECT * FROM `gm_index` WHERE `game_user` = '$user' and `game_pwd` = '$pwd'";
    $re = mysqli_query($con,$sql);
    $row = mysqli_fetch_assoc($re);
    //登录成功
    if($row){
        $_SESSION['id'] = $row['id'];
        $_SESSION['name'] = $row['game_user'];
        echo 1;
    }else{//登录失败
       echo '用户名或密码错误！';
    }
}elseif($_GET['type'] == 'reg'){//注册
    //接收数据
    $user = $_POST['username'];
    $n = preg_match('/luke|caoshen/',$user);
    if($n > 0){
        echo '说了不要瞎起名！！';
        exit;
    }
    $pwd = md5($_POST['pwd']);
    $email = $_POST['email'];
    $yzm = $_POST['yzm'];
    //判断邮箱
    $sql = "SELECT * FROM `gm_index` WHERE `email` = '$email'";
    $re = mysqli_query($con,$sql);
    $row = mysqli_fetch_assoc($re);
    //验证邮箱
    if($row){
        echo '该邮箱已被注册';
        exit;
    }
    //判断验证码
    if($yzm != $_SESSION['yzm']){
        echo '验证码错误';
        exit;
    }
    //生成令牌
    $pass = time() . mt_rand(1111,9999);
    //连库写入
    $sql = "INSERT INTO `gm_index` (`game_user`,`game_pwd`,`email`,`change_pwd`) VALUES('$user','$pwd','$email','$pass')";
    $re = mysqli_query($con,$sql);
    if($re){//注册成功
        echo 1;
    }else{
        echo '注册失败！请稍后再试！';
    }
}elseif($_GET['type'] == 'yzm'){//验证码
    //接收邮箱
    $email = $_POST['email'];
    //产生验证码
    $yzm = mt_rand(1111,9999);
    //构建语句
    $str = '您本次的认证码是<b>'. $yzm .'</b>！';
    //发送邮件
    $re = sendAction($email,'17wan官网',$str);
    if($re){//邮件发送成功
        //将验证码写入session
        $_SESSION['yzm'] = $yzm;
        echo '邮件发送成功！（腾讯邮箱可能被发送垃圾箱）';
    }else{
        echo '邮件发送失败！';
    }
}elseif($_GET['type'] == 'yzyx'){//验证邮箱
    $email = $_POST['email'];
    //连库查询
    $sql = "SELECT * FROM `gm_index` WHERE `email` = '$email'";
    $re = mysqli_query($con,$sql);
    $row = mysqli_fetch_assoc($re);
    //验证邮箱
    if($row){
        echo '该邮箱已被注册';
    }else{//登录失败
        echo 1;
    }
}else{//找回密码
    //接收用户名
    $user = $_POST['username'];
    //生成令牌
    $pass = time() . mt_rand(1111,9999);
    //将令牌写入数据库
    $sql = "UPDATE `gm_index` SET `change_pwd` = '$pass' WHERE `game_user` = '$user'";
    $re = mysqli_query($con,$sql);
    if($re){//写入成功，发送邮件
        //查询邮箱
        $sql = "SELECT `email` FROM `gm_index` WHERE `game_user` = '$user'";
        $re = mysqli_query($con,$sql);
        $row = mysqli_fetch_assoc($re);
        if($re){
            //发送短信
            $str = "请前往以下链接重置密码：<br><a href='http://local.dede.com/resetpwd.php?key=$pass'>点击此处重置密码</a>";
            $re = sendAction($row['email'],'重置密码',$str);
            if($re){//邮件发送成功
                echo 1;
            }else{
                echo '邮件发送失败！';
            }
        }else{
            echo '发送失败，请联系管理员!';
        }
    }else{//写入失败，报错
        echo '您输入的用户名不存在！';
    }
}
